caddytls: Remove PreferServerCipherSuites

It has been deprecated by Go
author: Matthew Holt <mholt@users.noreply.github.com> 2022-07-28 14:50:51 -0600
committer: Matthew Holt <mholt@users.noreply.github.com> 2022-07-28 14:50:51 -0600
commit: 1bdd451913c065ce555d4e2bdb891946b61ffd87 (patch)
tree: b248634f888331615ca8a693b91b33e1b6c483c9 /modules/caddytls
parent: ea8df6ff114299058593530d24fe244201525b9a (diff)
1 files changed, 1 insertions, 4 deletions
diff --git a/modules/caddytls/connpolicy.go b/modules/caddytls/connpolicy.go
index d6304a9..4280f0a 100644
--- a/modules/caddytls/connpolicy.go
+++ b/modules/caddytls/connpolicy.go
@@ -172,8 +172,7 @@ func (p *ConnectionPolicy) buildStandardTLSConfig(ctx caddy.Context) error {
 	// so the user-provided config can fill them in; then we will
 	// fill in a default config at the end if they are still unset
 	cfg := &tls.Config{
-		NextProtos:               p.ALPN,
-		PreferServerCipherSuites: true,
+		NextProtos: p.ALPN,
 		GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
 			// TODO: I don't love how this works: we pre-build certmagic configs
 			// so that handshakes are faster. Unfortunately, certmagic configs are
@@ -475,8 +474,6 @@ func setDefaultTLSParams(cfg *tls.Config) {
 	if cfg.MaxVersion == 0 {
 		cfg.MaxVersion = tls.VersionTLS13
 	}
-
-	cfg.PreferServerCipherSuites = true
 }
 
 // LeafCertClientAuth verifies the client's leaf certificate.
author	Matthew Holt <mholt@users.noreply.github.com>	2022-07-28 14:50:51 -0600
committer	Matthew Holt <mholt@users.noreply.github.com>	2022-07-28 14:50:51 -0600
commit	1bdd451913c065ce555d4e2bdb891946b61ffd87 (patch)
tree	b248634f888331615ca8a693b91b33e1b6c483c9 /modules/caddytls
parent	ea8df6ff114299058593530d24fe244201525b9a (diff)